package com.zby.scms.shiro;

import com.zby.scms.entity.RolePerms;
import com.zby.scms.entity.User;
import com.zby.scms.service.RolePermsService;
import com.zby.scms.service.RoleService;
import com.zby.scms.service.UserService;
import com.zby.scms.utils.Constants;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;


import java.util.List;

public class MyShiroRealm extends AuthorizingRealm {
    private Logger logger = LoggerFactory.getLogger(MyShiroRealm.class);

    @Autowired
    private UserService userService;
    @Autowired
    private RolePermsService rolePermsService;
    @Autowired
    private RoleService roleService;


    /*
     * 授权
     * */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        logger.info("执行授权");
        System.out.println("执行授权");
        /**
         * 1. 获取当前登录用户信息
         * 2. 获取当前用户关联的角色、权限等
         * 3. 将角色、权限封装到AuthorizationInfo对象中并返回
         */
        //获取已登录的用户信息
        User currentUsers = (User) principalCollection.getPrimaryPrincipal();

        if (currentUsers != null) {
            return null;

        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //获取用户角色
        currentUsers.getRoleid();

        //为用户添加角色
        simpleAuthorizationInfo.addRole("");





        //获取用户角色的权限信息role_perms
        List<RolePerms> permsList = rolePermsService.queryByRoleId(currentUsers.getRoleid());
//            simpleAuthorizationInfo.addRole();
//            simpleAuthorizationInfo.addObjectPermissions(lists);

//        simpleAuthorizationInfo.addStringPermission("college:findAll");


        //为用户设置角色和权限？？？
/*        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addRoles(Collection<RolePerms> lists);
        authorizationInfo.addStringPermissions(lists);*/



/*        for (Role role : users.getRoles()) {
            //添加角色
            simpleAuthorizationInfo.addRole(role.getRoleName());
            //添加权限
            for (Permissions permissions : role.getPermissions()) {
                simpleAuthorizationInfo.addStringPermission(permissions.getPermissionsName());
            }
        }*/


        return simpleAuthorizationInfo;
    }


    /*
     * 认证
     * */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        logger.info("执行认证");

        //获取用户输入的userId与username

        String username = authenticationToken.getPrincipal().toString();

        logger.info("用户输入的userID为:" + username +
                "用户输入的密码为：" + authenticationToken.getCredentials().toString());

        User users = userService.queryById(username);
        //通过userId去查询数据库，若username不存在，则提示用户不存在
        if (users == null) {
            //这里返回后会报出对应异常
            return null;

        }

        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                users,
                users.getPassword(),
                getName());//getName()相当于MyShiroRealm
        //session中不需要保存密码

        //将用户信息放入session中
        SecurityUtils.getSubject().getSession().setAttribute(Constants.SESSION_USER_INFO, users);
        return authenticationInfo;
    }
}
